nixpkgs/pkgs/applications/graphics/ImageMagick/7.0.nix
Franz Pletz 4dae4f86fa
imagemagick: 7.0.4-0 -> 7.0.4-6 for multiple CVEs
Fixes at least:

  * CVE-2016-10144
  * CVE-2016-10145
  * CVE-2016-10146
  * CVE-2017-5506
  * CVE-2017-5507
  * CVE-2017-5508
  * CVE-2017-5510
  * CVE-2017-5511
2017-02-02 11:10:56 +01:00

91 lines
2.9 KiB
Nix

{ lib, stdenv, fetchurl, fetchpatch, pkgconfig, libtool
, bzip2, zlib, libX11, libXext, libXt, fontconfig, freetype, ghostscript, libjpeg
, lcms2, openexr, libpng, librsvg, libtiff, libxml2, openjpeg, libwebp
, ApplicationServices
}:
let
arch =
if stdenv.system == "i686-linux" then "i686"
else if stdenv.system == "x86_64-linux" || stdenv.system == "x86_64-darwin" then "x86-64"
else if stdenv.system == "armv7l-linux" then "armv7l"
else throw "ImageMagick is not supported on this platform.";
cfg = {
version = "7.0.4-6";
sha256 = "1nm0hjijwhcp6rzcn7zksp2820dxvj4lmblj7kzpzd3s1ds09q0y";
patches = [];
};
in
stdenv.mkDerivation rec {
name = "imagemagick-${version}";
inherit (cfg) version;
src = fetchurl {
urls = [
"mirror://imagemagick/releases/ImageMagick-${version}.tar.xz"
# the original source above removes tarballs quickly
"http://distfiles.macports.org/ImageMagick/ImageMagick-${version}.tar.xz"
"https://bintray.com/homebrew/mirror/download_file?file_path=imagemagick-${version}.tar.xz"
];
inherit (cfg) sha256;
};
patches = [ ./imagetragick.patch ] ++ cfg.patches;
outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big
outputMan = "out"; # it's tiny
enableParallelBuilding = true;
configureFlags =
[ "--with-frozenpaths" ]
++ [ "--with-gcc-arch=${arch}" ]
++ lib.optional (librsvg != null) "--with-rsvg"
++ lib.optionals (ghostscript != null)
[ "--with-gs-font-dir=${ghostscript}/share/ghostscript/fonts"
"--with-gslib"
]
++ lib.optionals (stdenv.cross.libc or null == "msvcrt")
[ "--enable-static" "--disable-shared" ] # due to libxml2 being without DLLs ATM
;
nativeBuildInputs = [ pkgconfig libtool ];
buildInputs =
[ zlib fontconfig freetype ghostscript
libpng libtiff libxml2
]
++ lib.optionals (stdenv.cross.libc or null != "msvcrt")
[ openexr librsvg openjpeg ]
++ lib.optional stdenv.isDarwin ApplicationServices;
propagatedBuildInputs =
[ bzip2 freetype libjpeg lcms2 ]
++ lib.optionals (stdenv.cross.libc or null != "msvcrt")
[ libX11 libXext libXt libwebp ]
;
postInstall = ''
(cd "$dev/include" && ln -s ImageMagick* ImageMagick)
moveToOutput "bin/*-config" "$dev"
moveToOutput "lib/ImageMagick-*/config-Q16HDRI" "$dev" # includes configure params
for file in "$dev"/bin/*-config; do
substituteInPlace "$file" --replace pkg-config \
"PKG_CONFIG_PATH='$dev/lib/pkgconfig' '${pkgconfig}/bin/pkg-config'"
done
'' + lib.optionalString (ghostscript != null) ''
for la in $out/lib/*.la; do
sed 's|-lgs|-L${lib.getLib ghostscript}/lib -lgs|' -i $la
done
'';
meta = with stdenv.lib; {
homepage = http://www.imagemagick.org/;
description = "A software suite to create, edit, compose, or convert bitmap images";
platforms = platforms.linux ++ platforms.darwin;
maintainers = with maintainers; [ the-kenny wkennington ];
};
}